Sign up for our newsletter - Navigating the horizon of business technology​
Technology / Cybersecurity

Next on Network Rail’s IT Shopping List: A Crypto Key Management System

Network Rail’s sweeping digitalisation programme continues to throw up major IT contract opportunities.

The latest: a £6 million contract for a cryptographic key management system, to help secure railway communications.

(The state-run railway infrastructure manager estimates that it will spend up to £2 billion on IT by 2030).

Network Rail is in the early days (a “prior call for competition”) of seeking a partner to provide the services.

White papers from our partners

It estimates a two-year design and implementation phase, plus a potential 15 years of support and licencing.

Demand for the secure communications infrastructure comes amid a huge nationwide shift to digital signalling and communications systems across the UK’s railways.

Over half of Britain’s analogue signalling systems will need to be replaced within the next 15 years, in the biggest rail infrastructure shift since the 1960s’ shift from coal to diesel.

Network Rail Cryptographic Key Request: What’s Needed?

Cryptographic keys are required by each European Train Control System (ETCS) Radio Block Centre (RBC) and each ETCS On Board Unit (OBU) to communicate over rail’s “GSM-R” network securely.

“The supplier will be required to provide and implement an efficient and intuitive National Online Key Management System (OKMS) which will generate, store, manage, distribute, archive and delete software cryptographic keys for the UK railway”, Network Rail said.

The system will also support offline key distribution by allowing encrypted keys to be sent via a variety of methods including physical media, email and remote download, Network Rail added.

This will include software and hardware for online and offline distribution, public key infrastructure to enable online distribution of authentication keys (KMACs) via GPRS and FTNx and “provide the opportunity to use the PKI system for other functionality.”

A disclaimer: “Interested parties are advised that Network Rail do not currently have budget approval for this scope of work, this procurement process will generate a cost which will be presented to the sponsor to secure Investment Panel approval before any contract can be awarded.”

Expressions of interest need to be in by June 22.

See also: EXCLUSIVE: GCHQ, NSA Still Using Punched Paper Tape to Produce Crypto Keys


This article is from the CBROnline archive: some formatting and images may not be present.

CBR Staff Writer

CBR Online legacy content.